<?php
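// Checkout form handler. When the form is posted it validates the contact
// fields, writes one `pesanan` (order) row plus one `transaksi` row per cart
// item, empties the cart and redirects back to the checkout page. The outcome
// is passed to the next request through a session flash key.
// NOTE(review): no CSRF token is checked in this block — confirm that it is
// enforced before this handler runs.
if (isset($_POST['checkout'])) {
	// A missing or non-string field (e.g. nama[]=x) is treated as empty, so it
	// fails the "all fields required" check instead of raising a notice or a
	// TypeError inside trim().
	$nama = amankan((isset($_POST['nama']) && is_string($_POST['nama'])) ? $_POST['nama'] : '');
	$email = amankan((isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '');
	$nohp = amankan(trim((isset($_POST['nohp']) && is_string($_POST['nohp'])) ? $_POST['nohp'] : ''));
	$alamat = amankan((isset($_POST['alamat']) && is_string($_POST['alamat'])) ? $_POST['alamat'] : '');

	// The cart lives in the session; an absent or malformed cart counts as empty.
	$keranjang = (isset($_SESSION['keranjang']) && is_array($_SESSION['keranjang'])) ? $_SESSION['keranjang'] : array();

	if (strlen($nama) == 0 || strlen($email) == 0 || strlen($nohp) == 0 || strlen($alamat) == 0) {
		$_SESSION['status-checkout'] = "Semua input harus diisi";
	} elseif (!preg_match('/^[0-9]*$/',$nohp)) {
		$_SESSION['status-checkout'] = "No HP hanya boleh angka";
	} elseif (count($keranjang) === 0) {
		// Refuse to create an order header that would have no line items.
		$_SESSION['status-checkout'] = "Keranjang belanja kosong";
	} else {
		// NOTE(review): this statement is built by string interpolation, so the
		// quoted values depend entirely on amankan() for SQL escaping. Its
		// implementation is not visible here — confirm it uses the database
		// driver's escaping, or move db_insert() to bound parameters.
		$id = db_insert("INSERT INTO pesanan (tgl,nama,email,kontak,alamat,status) VALUES ('".date("Y-m-d H:i:s")."','$nama','$email','$nohp','$alamat',0)");
		// NOTE(review): what db_insert() returns on failure is not visible here;
		// if it can return false or 0, the rows below are written against a bad
		// idorder. The two inserts are also not wrapped in a transaction.
		foreach ($keranjang as $barang) {
			// These values are placed unquoted in a numeric SQL context, where
			// quote-escaping gives no protection; force them to integers.
			$idbarang = (int) $barang['id'];
			$kuantitas = (int) $barang['kuantitas'];
			db_insert("INSERT INTO transaksi (idorder,idbarang,kuantitas) VALUES ($id,$idbarang,$kuantitas)");
		}
		unset($_SESSION['keranjang']);
		// NOTE(review): $nama is user-supplied; whatever renders this flash value
		// should HTML-escape it on output.
		$_SESSION['sukses-checkout'] = $nama;
	}

	// Every branch redirects to the same page. Stop here so the rest of the
	// request does not keep running (and possibly consume the flash message)
	// after the Location header has been sent.
	header("Location: ".site()."/checkout");
	exit;
}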
?>